CVE-2021-32718

RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `<script>` tag sanitization, potentially allowing for JavaScript code execution in the context of the page. In order for this to occur, the user must be signed in and have elevated permissions (other user management). The vulnerability is patched in RabbitMQ 3.8.17. As a workaround, disable `rabbitmq_management` plugin and use CLI tools for management operations and Prometheus and Grafana for metrics and monitoring.
Basic XSS
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
vmwarerabbitmq
𝑥
< 3.8.17
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rabbitmq-server
bookworm
3.10.8-1.1+deb12u1
fixed
bookworm (security)
3.10.8-1.1+deb12u1
fixed
bullseye
no-dsa
bullseye (security)
vulnerable
buster
no-dsa
sid
3.10.8-3
fixed
stretch
not-affected
trixie
3.10.8-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rabbitmq-server
bionic
needed
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
needed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
elixir115
suse enterprise sap 15 SP6
1.15.7-150300.7.5.1
fixed
suse enterprise sap 15 SP7
1.15.7-150300.7.5.1
fixed
suse enterprise server 15 SP6
1.15.7-150300.7.5.1
fixed
suse enterprise server 15 SP7
1.15.7-150300.7.5.1
fixed
erlang-rabbitmq-client
suse enterprise sap 15 SP2
3.8.3-3.3.4
fixed
suse enterprise sap 15 SP3
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP4
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP5
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP6
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP7
3.8.11-3.3.3
fixed
suse enterprise server 15 SP2
3.8.3-3.3.4
fixed
suse enterprise server 15 SP3
3.8.11-3.3.3
fixed
suse enterprise server 15 SP4
3.8.11-3.3.3
fixed
suse enterprise server 15 SP5
3.8.11-3.3.3
fixed
suse enterprise server 15 SP6
3.8.11-3.3.3
fixed
suse enterprise server 15 SP7
3.8.11-3.3.3
fixed
erlang-rabbitmq-client313
suse enterprise sap 15 SP6
3.13.1-150600.13.5.3
fixed
suse enterprise sap 15 SP7
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP6
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP7
3.13.1-150600.13.5.3
fixed
erlang26
suse enterprise sap 15 SP6
26.2.1-150300.7.5.1
fixed
suse enterprise sap 15 SP7
26.2.1-150300.7.5.1
fixed
suse enterprise server 15 SP6
26.2.1-150300.7.5.1
fixed
suse enterprise server 15 SP7
26.2.1-150300.7.5.1
fixed
erlang26-epmd
suse enterprise sap 15 SP6
26.2.1-150300.7.5.1
fixed
suse enterprise sap 15 SP7
26.2.1-150300.7.5.1
fixed
suse enterprise server 15 SP6
26.2.1-150300.7.5.1
fixed
suse enterprise server 15 SP7
26.2.1-150300.7.5.1
fixed
rabbitmq-server
suse enterprise sap 15 SP2
3.8.3-3.3.4
fixed
suse enterprise sap 15 SP3
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP4
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP5
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP6
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP7
3.8.11-3.3.3
fixed
suse enterprise server 15 SP2
3.8.3-3.3.4
fixed
suse enterprise server 15 SP3
3.8.11-3.3.3
fixed
suse enterprise server 15 SP4
3.8.11-3.3.3
fixed
suse enterprise server 15 SP5
3.8.11-3.3.3
fixed
suse enterprise server 15 SP6
3.8.11-3.3.3
fixed
suse enterprise server 15 SP7
3.8.11-3.3.3
fixed
rabbitmq-server-plugins
suse enterprise sap 15 SP2
3.8.3-3.3.4
fixed
suse enterprise sap 15 SP3
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP4
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP5
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP6
3.8.11-3.3.3
fixed
suse enterprise sap 15 SP7
3.8.11-3.3.3
fixed
suse enterprise server 15 SP2
3.8.3-3.3.4
fixed
suse enterprise server 15 SP3
3.8.11-3.3.3
fixed
suse enterprise server 15 SP4
3.8.11-3.3.3
fixed
suse enterprise server 15 SP5
3.8.11-3.3.3
fixed
suse enterprise server 15 SP6
3.8.11-3.3.3
fixed
suse enterprise server 15 SP7
3.8.11-3.3.3
fixed
rabbitmq-server313
suse enterprise sap 15 SP6
3.13.1-150600.13.5.3
fixed
suse enterprise sap 15 SP7
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP6
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP7
3.13.1-150600.13.5.3
fixed
rabbitmq-server313-bash-completion
suse enterprise sap 15 SP7
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP7
3.13.1-150600.13.5.3
fixed
rabbitmq-server313-plugins
suse enterprise sap 15 SP6
3.13.1-150600.13.5.3
fixed
suse enterprise sap 15 SP7
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP6
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP7
3.13.1-150600.13.5.3
fixed
rabbitmq-server313-zsh-completion
suse enterprise sap 15 SP7
3.13.1-150600.13.5.3
fixed
suse enterprise server 15 SP7
3.13.1-150600.13.5.3
fixed
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2021/Dec/3
https://github.com/rabbitmq/rabbitmq-server/pull/3028
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-c3hj-rg5h-2772
http://seclists.org/fulldisclosure/2021/Dec/3
https://github.com/rabbitmq/rabbitmq-server/pull/3028
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-c3hj-rg5h-2772